I have bind9 running for local LAN DNS. I also have an APT caching server. So, I set up an RPZ file to poison certain domain names and have them resolve to my internal caching server instead. Running e.g.
apt update is returning resolution errors _I think_ because the caching server is unable to resolve the true (external) records and fetch the data. I think this means I’d have to set up a view for the caching server as a /32.
So the question is, can I set it up so that my caching server hitting domains in the poisoned zone just get forwarded, while the rest of the network gets the poisoned data? I’m just not sure how to go about doing that.
Asked by Harv
(2512 rep)
Dec 7, 2024, 08:00 AM
Last activity: Dec 7, 2024, 01:27 PM
Last activity: Dec 7, 2024, 01:27 PM